Luciano Floridi (Italian: [luˈtʃaːno ˈflɔːridi]; born 16 November 1964) is an Italian and British philosopher. He is John K. Castle Professor in the Practice of Cognitive Science and Founding Director of the Digital Ethics Center at Yale University. He is also a Professor of Sociology of Culture and Communication at the University of Bologna, Department of Legal Studies, where he is the director of the Centre for Digital Ethics. Furthermore, he is adjunct professor ("distinguished scholar in residence") at the Department of Economics, American University, Washington D.C. He is married to the neuroscientist Anna Christina Nobre. Floridi is best known for his work on two areas of philosophical research: the philosophy of information, and information ethics (also known as digital ethics or computer ethics), for which he received many awards, including the Knight of the Grand Cross of the Order of Merit, Italy's most prestigious honor. According to Scopus, Floridi was the most cited living philosopher in the world in 2020. Between 2008 and 2013, he held the research chair in philosophy of information and the UNESCO Chair in Information and Computer Ethics at the University of Hertfordshire. He was the founder and director of the IEG, an interdepartmental research group on the philosophy of information at the University of Oxford, and of the GPI the research Group in Philosophy of Information at the University of Hertfordshire. He was the founder and director of the SWIF, the Italian e-journal of philosophy (1995–2008). He is a former Governing Body Fellow of St Cross College, Oxford. == Early life and education == Floridi was born in Rome in 1964, and studied at Rome University La Sapienza (laurea, first class with distinction, 1988), where he was originally educated as a historian of philosophy. He soon became interested in analytic philosophy and wrote his tesi di laurea (roughly equivalent to an M.A. thesis) in philosophy of logic, on Michael Dummett's anti-realism. He obtained his Master of Philosophy (1989) and PhD degree (1990) from the University of Warwick, working in epistemology and philosophy of logic with Susan Haack (who was his PhD supervisor) and Michael Dummett. Floridi's early student years are partly recounted in the non-fiction book The Lost Painting: The Quest for a Caravaggio Masterpiece, where he is "Luciano". During his graduate and postdoctoral years, he covered the standard topics in analytic philosophy in search of a new methodology. He sought to approach contemporary problems from a heuristically powerful and intellectually enriching perspective when dealing with lively philosophical issues. During his graduate studies, he began to distance himself from classical analytic philosophy. In his view, the analytic movement had lost its way. For this reason, he worked on pragmatism (especially Peirce) and foundationalist issues in epistemology and philosophy of logic, as well as the history of skepticism. == Academic career and previous positions == Floridi started his academic career as a lecturer in philosophy at the University of Warwick in 1990–1991. He joined the Faculty of Philosophy of the University of Oxford in 1990 and the OUCL (Oxford's Department of Computer Science) in 1999. He was junior research fellow (JRF) in philosophy at Wolfson College, Oxford University (1990–1994), a Frances Yates Fellow in the History of Ideas at the Warburg Institute, University of London (1994–1995) and Research Fellow in philosophy at Wolfson College, Oxford University (1994–2001). During these years in Oxford, he held lectureships in different Colleges. Between 1994 and 1996, he also held a post-doctoral research scholarship at the Department of Philosophy, University of Turin. Between 2001 and 2006, he was Markle Foundation Senior Research Fellow in Information Policy at the Programme in Comparative Media Law and Policy, Oxford University. Between 2002 and 2008, he was associate professor of logic at the Università degli Studi di Bari. In 2006, he became Fellow by Special Election of St Cross College, Oxford University, where he played for the squash team. In 2008, he was appointed full professor of philosophy at the University of Hertfordshire, to hold the newly established research chair in philosophy of information and, in 2009, the UNESCO Chair in Information and Computer Ethics, a position which he held until 2013, when he moved back to Oxford. In 2017, Floridi became a fellow of the Alan Turing Institute and the chair of its Data Ethics Group, holding these positions until 2021 and 2020, respectively. Since 2010 he has been editor-in-chief of Philosophy & Technology (Springer). In January 2023, Floridi announced he would move to Yale at the beginning of the academic year 2023–2024, to take over the position of founding director of the Yale Digital Ethics Center. == Philosophical views == One of Floridi's key contributions is his formulation of the 'Philosophy of Information' (PoI). The PoI provides a framework for understanding the nature of information and its role in the world. According to Floridi, information is a vital resource that shapes our knowledge and understanding of the world. It is not simply a neutral representation of reality but a part of the world, with its own properties, effects, and moral implications. Floridi's PoI has several key components including an 'ontology of information', which defines the nature of information, an 'ethics of information', which provides a framework for evaluating the moral implications of information and information technologies, an 'epistemology of information', that analyses the role of information in the development of knowledge and science, and a 'logic of information', the concentrates on the more formal aspects. The PoI also includes a theory of the 'information environment', the infosphere, which encompasses the physical, social, and cultural contexts in which information is produced, used, and communicated. == Recognitions and awards == 2022 - Knight of the Grand Cross - First Class of the Order of Merit (Cavaliere di Gran Croce Ordine al Merito della Repubblica Italiana, the highest honor in the Italian Republic), awarded through a special decree by the president of the Italian Republic Sergio Mattarella for his work on the philosophy and ethics of information. 2022 - Fellow of the Accademia delle Scienze dell'Istituto di Bologna 2021 - Honorary Doctorate (Laurea honoris causa) in Informatics, University of Skövde, Sweden, for "his groundbreaking work on the philosophy of information". 2020 - Premio Udine Filosofia, Mimesis Festival, for The Logic of Information (OUP, 2019) 2020 - Premio Socrate, Cesare Landa Foundation, for philosophical communication 2019 - CogX Award, for "outstanding achievement in ethics of AI" 2019 - Gilbert Ryle Lectures, Trent University 2019 - Premio Aretè "Maestro della Responsabilità", Nuvolaverde, Confindustria, Gruppo 24 Ore Salone della CSR e dell'innovazione sociale, for ethics of communication 2018 - Thinker Award, IBM, for AI Ethics 2018 - Premio Conoscenza, Conferenza dei Rettori delle Università Italiane (CRUI, equivalent of Universities UK), for achievements in research and communication about digital ethics 2017 - Fellow of the Academy of Social Sciences 2016 - J. Ong Award, Media Ecology Association, for The Fourth Revolution (OUP, 2016) 2016 - Copernicus Scientist Award, Institute for Advanced Studies of the University of Ferrara, in recognition of research in the ethics and philosophy of information 2015 - Fernand Braudel Senior Fellow, European University Institute 2014-15 - Cátedras de Excelencia, University Carlos III of Madrid, for research in philosophy and ethics of information 2013 - Member of the Académie Internationale de Philosophie des Sciences 2013 - Fellow of the British Computer Society 2013 - Weizenbaum Award, International Society for Ethics and Information Technology, for "very significant contribution to the field of information and computer ethics, through his research, service, and vision" 2012 - Covey Award, International Association for Computing and Philosophy, for "outstanding research in computing and philosophy" 2011-12 - Fellow, Center for Information Policy Research, University of Wisconsin–Milwaukee 2011 - Honorary Doctorate (Laurea honoris causa) in philosophy, University of Suceava, Romania, for "his leading research in the philosophy and ethics of information" 2011 - Fellow, World Technology Network, NY, in the category "ethics and technology" 2010 - Vice Chancellor Research Award, University of Hertfordshire 2009 - Fellow of the Society for the Study of Artificial Intelligence and the Simulation of Behaviour (AIBS) 2009-10 - Gauss Professor of the Akademie der Wissenschaften, Göttingen, in recognition of research in the philosophy of information (first philosopher to receive the award, generally given to mathematicians or physicists) 2009 - Barwise Prize, American Philosophical Asso
Computer vision dazzle
Computer vision dazzle, also known as CV dazzle, dazzle makeup, or anti-surveillance makeup, is a type of camouflage used to hamper facial recognition software, inspired by dazzle camouflage used by vehicles such as ships and planes. == Methods == CV dazzle combines stylized makeup, asymmetric hair, and sometimes infrared lights built in to glasses or clothing to break up detectable facial patterns recognized by computer vision algorithms in much the same way that warships contrasted color and used sloping lines and curves to distort the structure of a vessel. It has been shown to be somewhat successful at defeating face detection software in common use, including that employed by Facebook. CV dazzle attempts to block detection by facial recognition technologies such as DeepFace "by creating an 'anti-face'". It uses occlusion, covering certain facial features; transformation, altering the shape or colour of parts of the face; and a combination of the two. Prominent artists employing this technique include Adam Harvey and Jillian Mayer. == Use in protests == Computer vision dazzle makeup has been used by protestors in several different protest movements. Its use as a protesting aid has often been found ineffective. It may be effective to thwart computer technology, but draws human attention, is easy for human monitors to spot on security cameras, and makes it hard for protestors to blend in within a crowd. Advances in facial recognition technology make dazzle makeup increasingly ineffective.
IBM 37xx
IBM 37xx (or 37x5) is a family of IBM Systems Network Architecture (SNA) programmable front-end processors used mainly in mainframe environments. All members of the family ran one of three IBM-supplied programs. Emulation Program (EP) mimicked the operation of the older IBM 270x non-programmable controllers. Network Control Program (NCP) supported Systems Network Architecture devices. Partitioned Emulation Program (PEP) combined the functions of the two. == Models == === 370x series === 3705 — the oldest of the family, introduced in 1972 to replace the non-programmable IBM 270x family. The 3705 could control up to 352 communications lines. 3704 was a smaller version, introduced in 1973. It supported up to 32 lines. === 371x === The 3710 communications controller was introduced in 1984. === 372x series === The 3725 and the 3720 systems were announced in 1983. The 3725 replaced the hardware line scanners used on previous 370x machines with multiple microcoded processors. The 3725 was a large-scale node and front end processor. The 3720 was a smaller version of the 3725, which was sometimes used as a remote concentrator. The 3726 was an expansion unit for the 3725. With the expansion unit, the 3725 could support up to 256 lines at data rates up to 256 kbit/s, and connect to up to eight mainframe channels. Marketing of the 372x machines was discontinued in 1989. IBM discontinued support for the 3705, 3720, 3725 in 1999. === 374x series === The 3745, announced in 1988, provides up to eight T1 circuits. At the time of the announcement, IBM was estimated to have nearly 85% of the over US$825 million market for communications controllers over rivals such as NCR Comten and Amdahl Corporation. The 3745 is no longer marketed, but still supported and used. The 3746 "Nways Controller" model 900, unveiled in 1992, was an expansion unit for the 3745 supporting additional Token Ring and ESCON connections. A stand-alone model 950 appeared in 1995. == Successors == IBM no longer manufactures 37xx processors. The last models, the 3745/46, were withdrawn from marketing in 2002. Replacement software products are Communications Controller for Linux on System z and Enterprise Extender. == Clones == Several companies produced clones of 37xx controllers, including NCR COMTEN and Amdahl Corporation.
Service Assurance Agent
IP SLA (Internet Protocol Service Level Agreement) is an active computer network measurement technology that was initially developed by Cisco Systems. IP SLA was previously known as Service Assurance Agent (SAA) or Response Time Reporter (RTR). IP SLA is used to track network performance like latency, ping response, and jitter, it also helps to provide service quality. == Functions == Routers and switches enabled with IP SLA perform periodic network tests or measurements such as Hypertext Transfer Protocol (HTTP) GET File Transfer Protocol (FTP) downloads Domain Name System (DNS) lookups User Datagram Protocol (UDP) echo, for VoIP jitter and mean opinion score (MOS) Data-Link Switching (DLSw) (Systems Network Architecture (SNA) tunneling protocol) Dynamic Host Configuration Protocol (DHCP) lease requests Transmission Control Protocol (TCP) connect Internet Control Message Protocol (ICMP) echo (remote ping) The exact number and types of available measurements depends on the IOS version. IP SLA is very widely used in service provider networks to generate time-based performance data. It is also used together with Simple Network Management Protocol (SNMP) and NetFlow, which generate volume-based data. == Usage considerations == For IP SLA tests, devices with IP SLA support are required. IP SLA is supported on Cisco routers and switches since IOS version 12.1. Other vendors like Juniper Networks or Enterasys Networks support IP SLA on some of their devices. IP SLA tests and data collection can be configured either via a console (command-line interface) or via SNMP. When using SNMP, both read and write community strings are needed. The IP SLA voice quality feature was added starting with IOS version 12.3(4)T. All versions after this, including 12.4 mainline, contain the MOS and ICPIF voice quality calculation for the UDP jitter measurement.
Conjugate coding
Conjugate coding is a cryptographic tool, introduced by Stephen Wiesner in the late 1960s. It is part of the two applications Wiesner described for quantum coding, along with a method for creating fraud-proof banking notes. The application that the concept was based on was a method of transmitting multiple messages in such a way that reading one destroys the others. This is called quantum multiplexing and it uses photons polarized in conjugate bases as "qubits" to pass information. Conjugate coding also is a simple extension of a random number generator. At the behest of Charles Bennett, Wiesner published the manuscript explaining the basic idea of conjugate coding with a number of examples but it was not embraced because it was significantly ahead of its time. Because its publication has been rejected, it was developed to the world of public-key cryptography in the 1980s as oblivious transfer, first by Michael Rabin and then by Shimon Even. It is used in the field of quantum computing. The initial concept of quantum cryptography developed by Bennett and Gilles Brassard was also based on this concept.
Multi-model database
In the field of database design, a multi-model database is a database management system designed to support multiple data models against a single, integrated backend. In contrast, most database management systems are organized around a single data model that determines how data can be organized, stored, and manipulated. Document, graph, relational, and key–value models are examples of data models that may be supported by a multi-model database. == Background == The relational data model became popular after its publication by Edgar F. Codd in 1970. Due to increasing requirements for horizontal scalability and fault tolerance, NoSQL databases became prominent after 2009. NoSQL databases use a variety of data models, with document, graph, and key–value models being popular. A multi-model database is a database that can store, index and query data in more than one model. For some time, databases have primarily supported only one model, such as: relational database, document-oriented database, graph database or triplestore. A database that combines many of these is multi-model. This should not be confused with multimodal database systems such as Pixeltable or ApertureDB, which focus on unified management of different media types (images, video, audio, text) rather than different data models. For some time, it was all but forgotten (or considered irrelevant) that there were any other database models besides relational. The relational model and notion of third normal form were the default standard for all data storage. However, prior to the dominance of relational data modeling, from about 1980 to 2005, the hierarchical database model was commonly used. Since 2000 or 2010, many NoSQL models that are non-relational, including documents, triples, key–value stores and graphs are popular. Arguably, geospatial data, temporal data, and text data are also separate models, though indexed, queryable text data is generally termed a "search engine" rather than a database. The first time the word "multi-model" has been associated to the databases was on May 30, 2012 in Cologne, Germany, during the Luca Garulli's key note "NoSQL Adoption – What’s the Next Step?". Luca Garulli envisioned the evolution of the 1st generation NoSQL products into new products with more features able to be used by multiple use cases. The idea of multi-model databases can be traced back to Object–Relational Data Management Systems (ORDBMS) in the early 1990s and in a more broader scope even to federated and integrated DBMSs in the early 1980s. An ORDBMS system manages different types of data such as relational, object, text and spatial by plugging domain specific data types, functions and index implementations into the DBMS kernels. A multi-model database is most directly a response to the "polyglot persistence" approach of knitting together multiple database products, each handing a different model, to achieve a multi-model capability as described by Martin Fowler. This strategy has two major disadvantages: it leads to a significant increase in operational complexity, and there is no support for maintaining data consistency across the separate data stores, so multi-model databases have begun to fill in this gap. Multi-model databases are intended to offer the data modeling advantages of polyglot persistence, without its disadvantages. Operational complexity, in particular, is reduced through the use of a single data store. == Benchmarking multi-model databases == As more and more platforms are proposed to deal with multi-model data, there are a few works on benchmarking multi-model databases. For instance, Pluciennik, Oliveira, and UniBench reviewed existing multi-model databases and made an evaluation effort towards comparing multi-model databases and other SQL and NoSQL databases respectively. They pointed out that the advantages of multi-model databases over single-model databases are as follows : == Architecture == The main difference between the available multi-model databases is related to their architectures. Multi-model databases can support different models either within the engine or via different layers on top of the engine. Some products may provide an engine which supports documents and graphs while others provide layers on top of a key-key store. With a layered architecture, each data model is provided via its own component. == User-defined data models == In addition to offering multiple data models in a single data store, some databases allow developers to easily define custom data models. This capability is enabled by ACID transactions with high performance and scalability. In order for a custom data model to support concurrent updates, the database must be able to synchronize updates across multiple keys. ACID transactions, if they are sufficiently performant, allow such synchronization. JSON documents, graphs, and relational tables can all be implemented in a manner that inherits the horizontal scalability and fault-tolerance of the underlying data store. == Theoretical Foundation for Multi-Model Databases == The traditional theory of relations is not enough to accurately describe multi-model database systems. Recent research is focused on developing a new theoretical foundation for these systems. Category theory can provide a unified, rigorous language for modeling, integrating, and transforming different data models. By representing multi-model data as sets and their relationships as functions or relations within the Set category, we can create a formal framework to describe, manipulate, and understand various data models and how they interact.
Business continuity and disaster recovery auditing
Given organizations' increasing dependency on information technology (IT) to run their operations, business continuity planning (and its subset IT service continuity planning) covers the entire organization, while disaster recovery focuses on IT. Auditing documents covering an organization's business continuity and disaster recovery (BCDR) plans provides a third-party validation to stakeholders that the documentation is complete and does not contain material misrepresentations. == Overview == Often used together, the terms business continuity (BC) and disaster recovery (DR) are very different. BC refers to the ability of a business to continue critical functions and business processes after the occurrence of a disaster, whereas DR refers specifically to the IT functions of the business, albeit a subset of BC. == Metrics == The primary objective is to protect the organization in the event that all or part of its operations and/or computer services are rendered partially or completely unusable. === DR metrics === Minimizing downtime and data loss during disaster recovery is typically measured in terms of two key concepts: Recovery time objective (RTO), time until a system is completely up and running Recovery point objective (RPO), a measure of the ability to recover files by specifying a point in time the backup copy will restore to. == The auditor's role == Role of the Internal Auditor in Auditing a Disaster Recovery Plan (DRP): 1. Governance & Oversight - Confirm roles, responsibilities, and oversight are defined, and DRP aligns with risk appetite and continuity strategy. 2. Risk Assessment & BIA - Verify risk and impact assessments identify critical systems and define RTO/RPO. 3. Plan Design & Documentation - Ensure the DRP is current, complete, and includes key recovery procedures. 4. Testing & Validation - Confirm regular DRP testing occurs and results are used to improve the plan. 5. Backup & Recovery - Assess backup frequency and recovery capabilities against RTO/RPO targets. 6. Communication & Training - Verify staff are trained and communication protocols are in place for crises. 7. Maintenance & Improvement - Ensure the DRP is regularly updated and lessons learned are integrated. == Documentation == === Disaster recovery plan === A disaster recovery plan (DRP) is a documented process or set of procedures to execute an organization's disaster recovery processes and recover and protect a business IT infrastructure in the event of a disaster. It is "a comprehensive statement of consistent actions to be taken before, during and after a disaster". The disaster could be natural, environmental or man-made. Man-made disasters could be intentional (for example, an act of a terrorist) or unintentional (that is, accidental, such as the breakage of a man-made dam or even "fat fingers" - or errant commands entered - on a computer system). ==== Types of plans ==== Although there is no one-size-fits-all plan, there are three basic strategies: prevention, including proper backups, having surge protectors and generators detection, a byproduct of routine inspections, which may discover new (potential) threats correction The latter may include securing proper insurance policies, and holding a "lessons learned" brainstorming session. ==== Best practices ==== To maximize their effectiveness, DRPs are most effective when updated frequently, and should: be an integral part of all business analysis processes, be revisited at every major corporate acquisition, at every new product launch and at every new system development milestone. be thoroughly tested, not just unpracticed bureaucratic documentation Adequate records need to be retained by the organization. The auditor examines records, billings, and contracts to verify that records are being kept. One such record is a current list of the organization's hardware and software vendors. Such list is made and periodically updated to reflect changing business practices and as part of an IT asset management system. Copies of it are stored on and off site and are made available or accessible to those who require them. An auditor tests the procedures used to meet this objective and determine their effectiveness. === Relationship to BCPs === Disaster recovery is a subset of business continuity. Where DRP encompasses the policies, tools and procedures to enable recovery of data following a catastrophic event, BCP involves keeping all aspects of a business functioning regardless of potential disruptive events. As such, a business continuity plan is a comprehensive organizational strategy that includes the DRP as well as threat prevention, detection, recovery, and resumption of operations should a data breach or other disaster event occur. Therefore, BCP consists of five component plans: Business resumption plan Occupant emergency plan Continuity of operations plan Incident management plan Disaster recovery plan The first three components (business resumption, occupant emergency, and continuity of operations plans) do not deal with the IT infrastructure. The incident management plan (IMP) does deal with the IT infrastructure, but since it establishes structure and procedures to address cyber attacks against an organization's IT systems, it generally does not represent an agent for activating the DRP; thus DRP is the only BCP component of active interest to IT. == Testing == The overall categorization of tests are functional- and discussion-based. Types of tests include: tabletop exercises, checklists, simulations, parallel processing (testing recovery site while primary site is in operation), and full interruption (fail over) tests. These apply to both BC and DR. == Benefits == Like every insurance plan, there are benefits that can be obtained from proper business continuity planning, including: Studies have shown a correlation between higher spending on auditing fees and lower rates of Incidents. Minimizing risk of delays Guaranteeing the reliability of standby systems (even automating the failure detection and recovery in certain scenarios) Providing a standard for testing the plan Minimizing decision-making during a disaster Reducing potential legal liabilities Lowering unnecessarily stressful work environment === Planning and testing methodology === According to Geoffrey H. Wold of the Disaster Recovery Journal, the entire process involved in developing a Disaster Recovery Plan consists of 10 steps: Performing a risk assessment: The planning committee prepares a risk analysis and a business impact analysis (BIA) that includes a range of possible disasters. Each functional area of the organization is analyzed to determine potential consequences. Traditionally, fire has posed the greatest threat. A thorough plan provides for "worst case" situations, such as destruction of the main building. Establishing priorities for processing and operations: Critical needs of each department are evaluated and prioritized. Written agreements for alternatives selected are prepared, with details specifying duration, termination conditions, system testing, cost, any special security procedures, procedure for the notification of system changes, hours of operation, the specific hardware and other equipment required for processing, personnel requirements, definition of the circumstances constituting an emergency, process to negotiate service extensions, guarantee of compatibility, availability, non-mainframe resource requirements, priorities, and other contractual issues. Collecting data: This includes various lists (employee backup position listing, critical telephone numbers list, master call list, master vendor list, notification checklist), inventories (communications equipment, documentation, office equipment, forms, insurance policies, workgroup and data center computer hardware, microcomputer hardware and software, office supply, off-site storage location equipment, telephones, etc.), distribution register, software and data files backup/retention schedules, temporary location specifications, any other such lists, materials, inventories, and documentation. Pre-formatted forms are often used to facilitate the data gathering process. Organizing and documenting a written plan Developing testing criteria and procedures: reasons for testing include Determining the feasibility and compatibility of backup facilities and procedures. Identifying areas in the plan that need modification. Providing training to the team managers and team members. Demonstrating the ability of the organization to recover. Providing motivation for maintaining and updating the disaster recovery plan. Testing the plan: An initial "dry run" of the plan is performed by conducting a structured walk-through test. An actual test-run must be performed. Problems are corrected. Initial testing can be plan is done in sections and after normal business hours to minimize disruptions. Subsequent tests occur during normal business hours. === Caveats/controversie